Release v0.2.0

github-actions released this 19 Jun 01:26

Release 0.2.0 - Enhanced Security Operations

🚀 Major Features

Comprehensive Wazuh Integration

  • 14 Security Tools: Complete coverage of Wazuh SIEM capabilities including alerts, vulnerabilities, agents, processes, network ports, logs, statistics, and cluster management
  • Dual API Support: Seamless integration with both Wazuh Indexer (for alerts) and Wazuh Manager (for agents, rules, vulnerabilities, and system data)
  • Agent-Specific Intelligence: Deep visibility into individual agent processes, network ports, and vulnerability assessments

Advanced Vulnerability Management

  • Critical Vulnerability Detection: Dedicated tool for identifying and prioritizing critical security vulnerabilities
  • Multi-Severity Filtering: Support for filtering vulnerabilities by severity levels (Low, Medium, High, Critical)
  • CVE-Specific Search: Ability to search for specific CVE identifiers across agent vulnerability data
  • CVSS Score Integration: Display of CVSS2 and CVSS3 scores for comprehensive risk assessment

System Monitoring & Forensics

  • Process Analysis: Real-time monitoring of running processes on Wazuh agents with memory usage and command details
  • Network Port Monitoring: Comprehensive network security assessment with protocol, state, and process association
  • Log Analysis: Advanced log searching and filtering capabilities for incident investigation
  • Performance Statistics: Weekly aggregated statistics and daemon-specific metrics for operational monitoring

Compliance Framework Support

  • Regulatory Mapping: Display of GDPR, HIPAA, PCI-DSS, and NIST 800-53 compliance mappings in security rules
  • Audit Trail Support: Comprehensive logging and monitoring capabilities for compliance requirements

Cluster Management

  • Health Monitoring: Real-time cluster health assessment with detailed status reporting
  • Node Management: Comprehensive cluster node information including status, type, and connectivity
  • Distributed Architecture: Support for multi-node Wazuh deployments

Statistics & Analytics

  • Weekly Aggregations: Comprehensive weekly statistics for trend analysis
  • Daemon Metrics: Detailed statistics from remoted and log collector daemons
  • Performance Monitoring: Queue sizes, message counts, and throughput metrics

🔄 Breaking Changes

  • Agent ID Format: All agent-specific tools now require string-formatted agent IDs
  • Parameter Validation: Stricter input validation with improved error messages
  • Environment Variables: Updated configuration requirements for dual API support
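To illustrate the stricter parameter validation behind these breaking changes, here is an added example (not the project's own code) that validates the inputs the release notes mention: string-formatted agent IDs, the four severity levels, and CVE identifiers. It assumes Wazuh agent IDs are zero-padded numeric strings such as "001"; the function names are hypothetical.

```python
import re
from typing import Optional, Union

# Severity levels the release notes list for vulnerability filtering.
SEVERITY_LEVELS = ("Low", "Medium", "High", "Critical")

# Assumption: Wazuh agent IDs are numeric strings zero-padded to at least
# three digits (e.g. "001"); this format is not stated on the release page.
AGENT_ID_RE = re.compile(r"^\d{3,}$")
# CVE identifier: four-digit year, then four or more digits.
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$", re.IGNORECASE)


class ValidationError(ValueError):
    """Carries a message naming the parameter and the expected format."""


def validate_agent_id(agent_id: Union[str, int]) -> str:
    """Require a string agent ID; reject integers rather than guessing the padding."""
    if not isinstance(agent_id, str):
        raise ValidationError(
            f"agent_id must be a string such as '001', got {type(agent_id).__name__}"
        )
    if not AGENT_ID_RE.fullmatch(agent_id):
        raise ValidationError(f"agent_id {agent_id!r} must be zero-padded digits, e.g. '001'")
    return agent_id


def validate_severity(severity: str) -> str:
    """Accept any casing but return the canonical level name."""
    for level in SEVERITY_LEVELS:
        if severity.lower() == level.lower():
            return level
    raise ValidationError(f"severity must be one of {SEVERITY_LEVELS}, got {severity!r}")


def validate_cve(cve: str) -> str:
    """Accept only well-formed CVE identifiers and return them upper-cased."""
    if not CVE_RE.fullmatch(cve):
        raise ValidationError(f"cve {cve!r} is not a CVE identifier (expected CVE-YYYY-NNNN)")
    return cve.upper()


def build_vulnerability_query(agent_id: Union[str, int], severity: Optional[str] = None,
                              cve: Optional[str] = None) -> dict:
    """Validate every parameter before any API call so bad input fails fast and clearly."""
    params = {"agent_id": validate_agent_id(agent_id)}
    if severity is not None:
        params["severity"] = validate_severity(severity)
    if cve is not None:
        params["cve"] = validate_cve(cve)
    return params
```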